How to locate dangling elastic IP's to prevent IP Takeovers?

chjlarson ✭✭✭✭
edited March 2022 in Security Operations

My team is looking for a way to locate any leftover (Dangling) IP addresses in our environment to help prevent IP takeovers. Is there a query that will help identify if any are present?


  • dcpeach
    dcpeach ✭✭✭✭✭
    edited March 2022

    Find DomainRecord with type = ('A' or 'AAAA' or 'CNAME') that connects aws_eip that !(USES|HAS) *
    This query should help! It will look for any Domain Records with IP addresses that aren't being utilized by anything else in your environment!

This Month's Leaders